Certificate cleanup for most personal computers

A little Dutch company potentially lets a flood of problems into our Windows machines.

The company manages digital certificates; after its recent break-in by hackers, security certificates for Mozilla, Yahoo, WordPress, and other sites are now suspect.

On a daily basis, no matter what our level of paranoia, we trust the companies we work with. … Well, at least our browsers and computers do. Inside all computers, both Windows and Mac, is a collection of digital certificates that everyone on the Net has agreed to trust. On Vista and Windows 7 systems, these root certificates (definition) are updated by the issuer automatically. But on Windows XP machines, they’re updated manually.

Companies doing business on the Internet buy certificates linked to a root certificate and automatically become part of the chain of trust. Because your computer trusts the vendor who provided the root certificate, it automatically trusts all online businesses with associated certificates.

This process is the foundation for secure Web transactions such as shopping on Amazon, online-banking, and e-mail. Many updates after breaks in the chain of trust Typically, this system works well. But on the rare occasions it fails — when the chain of trust is broken — it can instantly affect thousands of PCs.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of iNET Interactive. All other marks are the trademarks or service marks of their respective owners.